maintenance window agent export logic #23062
Conversation
fspmarshall
force-pushed
the
fspmarshall/maintenance-window-auth-v2
branch
3 times, most recently
from
d9a79d4
to
bb98e4a
Compare
fspmarshall
force-pushed
the
fspmarshall/maintenance-window-agent
branch
from
9b29ab6
to
c9704de
Compare
| // Exporter is a helper used to | ||
| type Exporter[C contextLike] struct { | ||
| cfg ExporterConfig[C] | ||
| closeContext context.Context |
There was a problem hiding this comment.
I was pinged on a review recently and advised not to store context in structs. Seems like a reasonable idea. It'd be easy enough to adjust the call to Run in service.go to just say something like:
process.RegisterCriticalFunc("maintenancewindow.export", func() error {
return exporter.Run(process.ExitContext())
)
I don't know that Close would be necessary if you did this, as the context would be canceled as part of process shutdown.
There was a problem hiding this comment.
I am going to push back on this one... storing a request scoped (or potentially request-scoped) context in a struct is bad, because it makes it too easy to accidentally introduce weird memory leaks. This is because request-scoped context frequently hold onto references to lots of request-scoped date (e.g. certs).
Using context.Background() to create a cancellation helper for a component that does cancellable I/O is fine IMO. Rather than bake our own alternative closure mechanism, if I were to deviate from this pattern I'd probably deviate by creating a custom CloseContext helper type that implements context.Context and never contains any context values (i.e. a context type that statically promises that it does not hold references to request-scoped values).
We could use process.ExitContext(), but IMO that's not a great pattern. I've found myself leaning toward the opinion that persistent components should be explicitly rather than implicitly closed where possible. Mostly because this allows control of the order of closure. Context cancellation cancels all layers simultaneously, which has caused confusing errors for us in the past. Mostly a moot point here, since no other components rely on exporter being healthy, but it's a pattern I'm trying to force myself to stick to.
| return nil | ||
| } | ||
|
|
||
| func (e *Exporter[C]) event(event testEvent) { |
fspmarshall
force-pushed
the
fspmarshall/maintenance-window-auth-v2
branch
from
2279020
to
8a328e1
Compare
|
@fspmarshall - this PR will require admin approval to merge due to its size. Consider breaking it up into a series smaller changes. |
fspmarshall
force-pushed
the
fspmarshall/maintenance-window-agent
branch
from
5cd6d5f
to
d31ba43
Compare
|
You have successfully added a new Trivy configuration |
fspmarshall
force-pushed
the
fspmarshall/maintenance-window-auth-v2
branch
10 times, most recently
from
717f489
to
6be6771
Compare
fspmarshall
force-pushed
the
fspmarshall/maintenance-window-agent
branch
from
d31ba43
to
bd290e2
Compare
adds client-side logic for exporting maintenance windows for external updaters. export behavior is enabled via env var (`TELEPORT_EXT_UPGRADER=kube|unit`).
fspmarshall
force-pushed
the
fspmarshall/maintenance-window-agent
branch
2 times, most recently
from
1534588
to
827af87
Compare
github-merge-queue
bot
removed this pull request from the merge queue due to failed status checks
Implementation of the agent-side logic corresponding to #22850
This PR introduces maintenance window export logic for the kube controller and systemd unit based external upgraders. When enabled, the teleport agent periodically loads maintenance window info from auth and exports it to an appropriate location for the upgrader to consume it.
The behavior is toggled by setting an environment variable (
TELEPORT_EXT_UPGRADER=kube|unit). This flag is not intended to be set by users. Upgrader packages will set the appropriate value automatically.Note: this PR is currently pointing toward fspmarshall/maintenance-window-auth-v2 and will be rebased to master once the changes it depends on get merged.